Next year, however, is not expected to be a piece of cake. Compliance spending is expected to go up this year and next as SMBs and foreign registrants enter the fray. Experts advise companies see SOX as a business process, not a series of tactical problems. Here are seven ways to survive year two of compliance.
- Foundation: SOX is a process, not a project. Build compliances requirements into the foundation of how you run your business.
- SOX Office: Establish a SOX office staffed by people involved in year 1 compliance and fresh recruits, including, if necessary, new hires with specific skills.
- Dashboards: Sustain SOX compliance by making it front and center for your company through the use of portals, dashboards and/or scorecards. Expect to spend between $50,000 to $250,000
- Automate: Automate rather than replace. Don't toss out what you did last year. Experts estimate that automation technology can save upwards of 25% of SOX costs.
- Embed: Embed testing of internal controls in business processes or use a LAN that sits outside business processes to verify controls.
- Testing: Test all transactions, not just samples on a continuous basis.
- Monitor: Monitor controls that were put in place late last year to meet the deadline and
- make sure they continue to mature.